package com.spring.security.client.browser.config;

import com.spring.security.core.properties.SecurityProperties;
import com.spring.security.client.browser.session.SpringExpiredSessionStrategy;
import com.spring.security.client.browser.session.SpringInvalidSessionStrategy;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.web.session.InvalidSessionStrategy;
import org.springframework.security.web.session.SessionInformationExpiredStrategy;

/**
 * @author seabed_moon
 */
@Configuration
public class SessionBeanConfig {

    private final SecurityProperties securityProperties;

    public SessionBeanConfig(SecurityProperties securityProperties) {
        this.securityProperties = securityProperties;
    }


    /**
     * session失效时的处理策略配置
     *
     * @return
     */
    @Bean
    @ConditionalOnMissingBean(InvalidSessionStrategy.class)
    public InvalidSessionStrategy invalidSessionStrategy() {
        return new SpringInvalidSessionStrategy(securityProperties);
    }

    /**
     * 并发登录导致前一个session失效时的处理策略配置
     *
     * @return
     */
    @Bean
    @ConditionalOnMissingBean(SessionInformationExpiredStrategy.class)
    public SessionInformationExpiredStrategy sessionInformationExpiredStrategy() {
        return new SpringExpiredSessionStrategy(securityProperties);
    }
}
